Home » Security News » BASHE Ransomware Group Claims Attack on ICICI Bank...

BASHE Ransomware Group Claims Attack on ICICI Bank: What We Know So Far

Deepanker Verma January 24, 2025 Security

Add Techlomedia as a preferred source on Google.

ICICI Bank has reportedly fallen victim to a cyberattack by the notorious BASHE ransomware group. The data allegedly compromised sensitive customer data and the cybercriminals are demanding a ransom in exchange for not leaking the stolen information. While ICICI Bank has not yet officially acknowledged the breach, cybersecurity experts and users are raising concerns about the potential implications of the attack.

The BASHE group, also known by the aliases APT73 or Eraleig, has earned a reputation for targeting high-value organizations across multiple industries, including banking, healthcare, and technology. Since April 2024, BASHE has been responsible for several high-profile cyberattacks. This group targets critical infrastructure and then asks for ransom.

BASHE has set a strict deadline of January 24, 2025, for ICICI Bank to meet its ransom demands. If the bank fails to comply within the specified time, the ransomware group has threatened to publicly expose the stolen data. BASHE has also posted a countdown timer on their TOR-based Data Leak Site (DLS). It provides a constant reminder of the time ticking away for ICICI Bank.

Potential Data Breach at ICICI Bank – Eraleign (Apt73) Ransomware Claims !

During recent independent darkweb research, I encountered claims from the Eraleign (Apt73) ransomware group, also known as BASHE, that they have successfully breached ICICI Bank Limited, a major Indian… pic.twitter.com/l2J2id87V4
— 𝕏 Bug Bounty Writeups 𝕏 (@bountywriteups) January 22, 2025

Despite several reports and discussions on social media platforms, ICICI Bank has yet to officially acknowledge the data breach. This silence has already fueled speculation and raised concerns about the potential extent of the attack. ICICI Bank serves millions of customers across India and has an international presence. If the breach is authentic, it could lead to massive reputational damage and regulatory consequences for the bank.

ICICI Bank needs to address the breach urgently. It should at least confirm if the claims of breach or true or false. In case the company actually became the victim of a cyber attack, it should notify its customers about the breach and inform law enforcement agencies such as the Indian Computer Emergency Response Team (CERT-In).

This incident serves as a wake-up call to all financial institutions about the increasing sophistication of cybercriminals. All financial institutions should invest more in securing their network and infrastructure to avoid security issues.

Follow Techlomedia on Google News to stay updated.

Affiliate Disclosure:

This article may contain affiliate links. We may earn a commission on purchases made through these links at no extra cost to you.

About the Author: Deepanker Verma

Deepanker Verma is the Founder and Editor-in-Chief of TechloMedia. He holds Engineering degree in Computer Science and has over 15 years of experience in the technology sector. Deepanker bridges the gap between complex engineering and consumer electronics. He is also a a known Security Researcher acknowledged by global giants including Apple, Microsoft, and eBay. He uses his technical background to rigorously test gadgets, focusing on performance, security, and long-term value.